$filter = NULL;
if(isset($_GET['filter'])){
$_GET['filter'] = sanitize($_GET['filter']);
if(preg_match('#[0-9]#',$_GET['filter'])) $filter = "AND `banner` = '" . $_GET['filter'] . "'";
elseif(strlen($_GET['filter']) == 2) $filter = "AND `country` = '" . $_GET['filter'] . "'";
else {
$arr = explode('-', $_GET['filter']);
$names = explode("' , '", $arr);
$category_id = mysql_query("SELECT `category_id` FROM `categories` WHERE `name` IN ('$names')");
$filter = "AND `category_id` = '$category_id'";
}
}